﻿@{
    PageData["Title"] = "Forget Your Password?";

    bool isValid = true;
    bool isSuccess = false;
    var errorMessage = "";
    var currentPasswordError = "";
    var newPasswordError = "";
    var confirmPasswordError = "";
    var currentPassword = Request["currentPassword"];
    var newPassword = Request["newPassword"];
    var confirmPassword = Request["confirmPassword"];

    if (IsPost) {
        if (currentPassword.IsEmpty()) {
            currentPasswordError = "Please enter your current password.";
            isValid = false;
        }
        if (newPassword.IsEmpty()) {
            newPasswordError = "Please enter a new password.";
            isValid = false;
        }
        if (confirmPassword.IsEmpty()) {
            confirmPasswordError = "Please confirm your new password.";
            isValid = false;
        }
        if(confirmPassword != newPassword) {
            confirmPasswordError = "The password confirmation does not match the new password.";
            isValid = false;
        }

        if(isValid) {
            if(WebSecurity.ChangePassword(WebSecurity.CurrentUserName, currentPassword, newPassword)) {
                isSuccess = true;
            } else {
                errorMessage = "An error occurred when attempting to change the password. Please contact the site owner.";
            }
        } else {
            errorMessage = "Password change failed. Please correct the errors and try again.";
        }
    }
}

<h2>Change Password</h2>
<p>
    Use this form to change your password. You'll be required to enter your current password. 
    Click <a href="@Href("~/Account/ForgotPassword")">here</a> if you've forgotten your password.
</p>
<fieldset class="prettyForm">
    <form method="post" action="">
        @if (isSuccess) {
            <div class="message success icon">
                Your password has been updated!
            </div>
        }
        @if (!errorMessage.IsEmpty()) {
            <div class="message error icon">
                @errorMessage
            </div>
        }
        <div>
            <label for="currentPassword">Current Password</label>
            <input type="password" name="currentPassword" value="" />
            @if (!currentPasswordError.IsEmpty()) {
                <span class="message error">&raquo; @currentPasswordError</span>
            }
        </div>
        <div>
            <label for="newPassword">New Password:</label> 
            <input type="password" name="newPassword" />
            @if (!newPasswordError.IsEmpty()) {
                <span class="message error">&raquo; @newPasswordError</span>
            }
        </div>
        <div>
            <label for="confirmPassword">Confirm Password:</label> 
            <input type="password" name="confirmPassword" />
            @if (!confirmPasswordError.IsEmpty()) {
                <span class="message error">&raquo; @confirmPasswordError</span>
            }
        </div>

        <div>
            <input type="submit" value="Change Password" />
        </div>
    </form>
</fieldset>
